Privacy policy

Contents

Introduction

What Data
We Collect

How We
Use Your Data

Security

Cookies

File
Sharing & External Links

Email
Marketing

Social
Media Usage

Data
Subject Rights

1. Introduction

We are committed to ensuring the safe and secure management
of personal data held in relation to our staff, customers and other
individuals. This privacy policy outlines how Charmouth Fossils Ltd (the “Company”) uses and safeguards any
information that you give to the Company when using our website.

In the event that we do ask you to provide information which
can identify you (the “Data Subject”) as an individual then we will do so in
accordance with this privacy policy and the General Data Protection Regulation
(EU) 2016/679 (the “GDPR”). These rules apply regardless of whether the data is
collected and stored electronically, on paper or via any other means.

2. What Data We Collect

The Company may
collect a variety of personal data which can be used to identify an individual.
This data includes, but is not limited to:

Company
name

Your name

Contact
information; including email address & company address

Demographic
information such as postcode, preferences and interests

Other
information relevant to enquiries and orders

3. How We
Use Your Data

In accordance with the GDPR, all data which we collect on
behalf of a Data Subject must have a valid purpose for being collected and
stored. In the event that it is requested, we may use your data for one of the
following reasons:

Internal
record keeping

To
improve our products and services

Promotional/Marketing
purposes

To
contact you when necessary

4. Security

We are committed to ensuring the secure retention of your
personal data at all times. In the interest of safeguarding personal data we
have a variety of suitable measures to prevent unauthorised access or
disclosure of information both in physical and electronic formats. This
includes, but is not limited to, password protection for all devices with
access to Data Subjects’ data and lockable storage for physical copies of
personal data.

We use a cPanel hosting platform running on a Linux
operating system which utilises industry standard software such as Apache,
MySQL, PHP, Dovecot, and Exim. Hosted in a UK datacentre, the providing server
for our hosting platform runs on the latest supported operating systems and
software and these systems are regularly inspected and patched against known
vulnerabilities.

5. Cookies

Cookies are small files saved to a user’s computer hard
drive which track, save and store information about the user’s interaction and
usage of the website. This allows the Company to provide users with a more
personal, tailored experience while browsing our website.

Where applicable, the Company website uses a cookie control
system which allows users to give explicit permission or to deny the use of
/saving of cookies on their computer. In the event that this option is not
available users are advised to access their web browser’s security settings to
block all cookies from this website.

Some browsers limit or delete cookies, so you may want to
review your cookie settings and ads settings. In some browsers you can set up
rules to manage cookies on a site-by-site basis, giving you more fine-grained
control over your privacy. What this means is that you can disallow cookies
from all sites except those that you trust.

Browsers include Google Chrome, Microsoft Edge, Internet
Explorer, Mozilla Firefox, Safari and Opera; as well as others. Please consult
the relevant documentation for the browser you are using to find what cookie
management options are available in your chosen browser.

6. File
Sharing & External Links

From time to time we may publish files and external links on
the Company’s website. Any downloadable documents, files or media made
available on this website are provided to users at their own risk. While all
precautions have been undertaken to ensure only genuine downloads are
available, users are advised to verify their authenticity using third party
anti-virus software or similar applications.

We accept no responsibility for third party downloads and
downloads provided by external third party websites.

7. Email
Marketing

We operate an email marketing service (EMS) through Mailchimp
which is used to inform subscribers about any news regarding the Company,
including updates to our products and services. Data Subjects must provide
consent in either written format or by going through an online automated
process to continue receipt of emails through our EMS.

Subscribers can unsubscribe at any time through an automated
online service, through the “unsubscribe” option at the footer of the email or
by contacting the Company directly to request they are opted-out of any further
marketing campaigns.

Email marketing messages may contain tracking beacons /
tracked clickable links or similar server technologies in order to track
subscriber activity within email marketing messages. Where used, such marketing
messages may record a range of subscriber data relating to engagement,
geographic, demographics and already stored subscriber data.

8. Social
Media Usage

We strive to ensure our business and our staff conduct
themselves accordingly online. While we may have official profiles on social
media platforms, users are advised to verify authenticity of such profiles
before engaging with them and more importantly, before sharing personal data.
We will never ask for user passwords or personal details on social media
platforms.

There may be instances where our website features social
sharing buttons which help share web content directly from web pages to the
respective social media platforms. You use social sharing buttons at your own
discretion and accept that doing so may publish content to your social media
profile feed or page.

9. Data
Subject Rights

Data Subjects have certain right provided to them under the
GDPR, including the entitlement to request information on what personal data
the Company holds about them in paper or electronic format (a subject access
request).

Data subjects have a right to request a restriction on the
processing of their personal data and where applicable, a right to be
forgotten. Requests can be made by email to us at info@charmouthfossils.co.uk
where we aim to respond to your request within one month.

In the event that any direct marketing is undertaken by us
you have an absolute right to request that you are removed from any further marketing
campaigns. In which case, please send a written request to info@charmouthfossils.co.uk
and we will aim to remove you from our mailing list within one month of your
request.

Visit Us

Glimpse inside the fossil shop. It is not for sale for at any price. because we love it. These are some views of the fossils we have in stock & not on the website.

Our shop can be found under the Herititage coast centre, in Charmouth, Dorset, UK.

Get Stock Updates

Email

When you sign up for a specific newsletter, we (Charmouth Fossils Ltd) add your email address to a corresponding mailing list. While it is there, we know that we can contact you by email regarding that topic.

You can always have your email address removed from our mailing lists. There are multiple ways to do it:

Once your account is registered, just sign in and unsubscribe from newsletters in profile settings.

Use the “Unsubscribe” link in our newsletters that you receive.

Send an email to shop@charmouthfossils.co.uk.

We may use a third-party email service (MailChimp and/or Mad Mimi) to send newsletters. Some members of our staff can view mailing lists with email addresses. That way they’ll be able to remove your email address from the mailing list, should you request us to do so.

Please note that mailing lists are independent from each other. If you decide not to receive newsletters at all, you’ll have to unsubscribe from all the mailing lists. Even if you do that, you’ll still receive account-related emails (such as order status notifications, password reset emails, and more). It is essential for operating an online store.

If you decide that you no longer want to use our store and would like to have your personal data removed from our database (or if you’d like to get all the personal data associated with your account that we have), please send an email to shop@charmouthfossils.co.uk.

If you believe that your personal data has been misused, you have the right to lodge a complaint with a supervisory authority. We’re obliged by EU General Data Protection Regulation to let you know about this right; we don’t actually intend to misuse your data.